Re: non-critical security bug fix

Serge E. Hallyn wrote:

Are you able to modify the source of the application you bought?  If so,
you can trivially fix it to do what you need by doing a cap_set_proc
after the suid as I described before, i.e.

	ret = setuid();
	caps = cap_from_text("cap_net_raw=e");
	ret = cap_set_proc(caps);

Is that an option?

Unfortunately that product doesn't come with sources.  :-(

--
Serge Aleynikov
Routing R&D, IDT Telecom
Tel: +1 (973) 438-3436
Fax: +1 (973) 438-1464
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• References:
  • non-critical security bug fix
    • From: Serge Aleynikov <[email protected]>
  • Re: non-critical security bug fix
    • From: "Serge E. Hallyn" <[email protected]>
  • Re: non-critical security bug fix
    • From: Serge Aleynikov <[email protected]>
  • Re: non-critical security bug fix
    • From: "Serge E. Hallyn" <[email protected]>

• Prev by Date: Re: [patch 5/7] fault-injection capability for disk IO
• Next by Date: [PATCH] m68knommu: sync syscalls with m68k
• Previous by thread: Re: non-critical security bug fix
• Next by thread: GRIO in Linux XFS?
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]